Search for:

In brief

On 20 March 2021, the Philippine National Privacy Commission (NPC) answered a new batch of frequently asked questions regarding eRehistro, specifically with regard to the commission’s validation process, user credentials and the certificate of registration.

For previous responses from the NPC on this topic, check out our earlier client alert here.

Recommended actions

While we continue to await the issuance of the formal guidelines by the NPC regarding the eRehistro system, we recommend that personal information controllers (PICs) and personal information processors (PIPs) keep themselves updated by monitoring developments shared by the NPC through both its social media channels and official website. Our firm continues to closely monitor this compliance matter and we will provide more updates in due course.

In more detail

Validation process

After creating an eRehistro account, PICs and PIPs may proceed to upload their documentary requirements1 using the online system in order to complete the application process. The NPC will then validate the application and determine the completeness and correctness of the submission. Thereafter, the commission will notify the PIC or PIP, through the latter’s registered email address, regarding the status of its application, specifically whether it is already “For Approval” or is “Invalid.”

If the NPC finds the PIC or PIP’s application to be complete and accurate, the eRehistro system will send a notification stating that the application has been approved. The NPC will then issue the certificate of registration within seven (7) days.

In case the NPC finds the application to be incomplete and/or inaccurate, the PIC or PIP will receive a notification to this effect, and shall be provided an opportunity to re-submit or complete the required documents for registration.

Registered email address

The NPC recommends using an official or business email address when creating an eRehistro account in order to ensure access by PICs and PIPs.

Effects of registration

The issuance of a certificate of registration by the NPC does not automatically mean that the PIC or PIP is fully compliant with the Data Privacy Act of 2012, its Implementing Rules and Regulations, and the issuances of the NPC, as the registration of both Data Protection Officers and Data Processing Systems is only one of several other compliance points under the law. Hence, despite receiving the certificate of registration, PICs and PIPs are still required to comply with all other data privacy-related requirements which include, among others, upholding the rights of data subjects, ensuring the security of personal data during processing, and adhering to the general data privacy principles of proportionality, transparency and legitimate purpose.

1 To know more about the documentary requirements that need to be uploaded to eRehistro, please refer to our earlier client alert here.


Bienvenido Marquez III is a partner in Quisumbing Torres' Intellectual Property, Data and Technology Practice Group. He also co-heads the Consumer Goods & Retail Industry Group and is a member of the Technology, Media & Telecommunications Group. He participates in initiatives of Baker & McKenzie International of which Quisumbing Torres is a member firm. He is a member of Baker McKenzie's Asia Pacific Intellectual Property Business Unit for Brand Enforcement. He is immediate Past President of the Philippine Chapter of the Licensing Executives Society International (2019-2021), and is currently co-chair of the LESI Asia Pacific. He is also a member of the Anti-Counterfeiting Committee of the International Trademarks Association (INTA). He has been appointed as member of the INTA Asia Global Advisory Council (GAC) for 2022 to 2023, making him the only Philippine representative on the council.

Bien has vast experience in handling IP enforcement litigation, trademark and patent prosecution and maintenance, copyright, data privacy, information security, IT, telecommunications, e-commerce, electronic transactions, cyber security and cybercrime. He has been consistently ranked as a leading individual for Intellectual Property and TMT in Legal 500 Asia Pacific, Chambers Asia Pacific, asialaw Leading Lawyers, Managing IP Stars, Asia IP, and World Trademark Review. He was also recognized as a Volunteer Service Awardee by INTA in 2018.


Divina Ilas-Panganiban is a partner in Quisumbing Torres’ Intellectual Property and Information Technology & Communications practices. She has 15 years of experience in the fields of intellectual property law, commercial law and litigation. She currently serves as the Vice-President and Director of the Philippine Chapter of Licensing Executives Society International. Ms. Panganiban often serves as resource speaker in local and international seminars on IP and IT laws.


Neonette Pascual is an associate in Quisumbing Torres' Intellectual Property Practice Group and Information Technology & Communications Industry Group. She has nine years of experience handling matters involving contracts, incorporation, compliance, litigation, and corporate housekeeping. Prior to joining Quisumbing Torres, Ms. Pascual worked as legal counsel for the Philippine offices of two global outsourcing services companies